hashes over the VPN and easily cracked them using a dictionary attack.
Which of the following remediation steps should be recommended? (Select THREE)
A. Mandate all employees take security awareness training
B. Implement two-factor authentication for remote access
C. Install an intrusion prevention system
D. Increase password complexity requirements
E. Install a security information event monitoring solution.
F. Prevent members of the IT department from interactively logging in as
G. Upgrade the cipher suite used for the VPN solution
Answer: A, D, G
19. A software development team recently migrated to new application software on the
on-premises environment. Penetration test findings show that multiple vulnerabilities
exist. If a penetration tester does not have access to a live or test environment, a test
might be better to create the same environment on the VM. Which of the following is
MOST important for confirmation?
21. An assessor begins an internal security test of the Windows domain
internal.comptia.net. The assessor is given network access via DHCP, but is not
given any network maps or target IP addresses.
Which of the following commands can the assessor use to find any likely Windows
CompTIA PenTest+ PT0-001 Dumps V10.02 DumpsBase
20. A security analyst has uncovered a suspicious request in the logs for a web
application. Given the following URL:
Which of the following attack types is MOST likely to be the vulnerability?